External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-17 22:45:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Automatically generate docs for enum values

Browse Source
This commit is contained in:
Ice3man543 2021-11-25 19:34:01 +05:30
parent 1851e37aef
commit caaa5c6594
32 changed files with 685 additions and 344 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

426
SYNTAX-REFERENCE.md
View File

@ -435,19 +435,6 @@ reference:
Severity of the template.
Valid values:
- <code>info</code>
- <code>low</code>
- <code>medium</code>
- <code>high</code>
- <code>critical</code>
</div>
<hr />
@ -568,6 +555,38 @@ Appears in:
<hr />
<div class="dd">
<code></code> <i>Severity</i>
</div>
<div class="dt">
Enum Values:
- <code>undefined</code>
- <code>info</code>
- <code>low</code>
- <code>medium</code>
- <code>high</code>
- <code>critical</code>
</div>
<hr />
## model.Classification
@ -880,36 +899,13 @@ Valid values:
<div class="dd">
<code>method</code> <i>HTTPMethodTypeHolder</i>
<code>method</code> <i><a href="#httpmethodtypeholder">HTTPMethodTypeHolder</a></i>
</div>
<div class="dt">
Method is the HTTP Request Method.
Valid values:
- <code>GET</code>
- <code>HEAD</code>
- <code>POST</code>
- <code>PUT</code>
- <code>DELETE</code>
- <code>CONNECT</code>
- <code>OPTIONS</code>
- <code>TRACE</code>
- <code>PATCH</code>
- <code>PURGE</code>
</div>
<hr />
@ -1274,28 +1270,13 @@ Appears in:
<div class="dd">
<code>type</code> <i>MatcherTypeHolder</i>
<code>type</code> <i><a href="#matchertypeholder">MatcherTypeHolder</a></i>
</div>
<div class="dt">
Type is the type of the matcher.
Valid values:
- <code>status</code>
- <code>size</code>
- <code>word</code>
- <code>regex</code>
- <code>binary</code>
- <code>dsl</code>
</div>
<hr />
@ -1608,6 +1589,50 @@ Valid values:
## MatcherTypeHolder
MatcherTypeHolder is used to hold internal type of the matcher
Appears in:
- <code><a href="#matchersmatcher">matchers.Matcher</a>.type</code>
<hr />
<div class="dd">
<code></code> <i>MatcherType</i>
</div>
<div class="dt">
Enum Values:
- <code>word</code>
- <code>regex</code>
- <code>binary</code>
- <code>status</code>
- <code>size</code>
- <code>dsl</code>
</div>
<hr />
## extractors.Extractor
Extractor is used to extract part of response using a regex.
@ -1658,24 +1683,13 @@ name: cookie-extractor
<div class="dd">
<code>type</code> <i>TypeHolder</i>
<code>type</code> <i><a href="#extractortypeholder">ExtractorTypeHolder</a></i>
</div>
<div class="dt">
Type is the type of the extractor.
Valid values:
- <code>regex</code>
- <code>kval</code>
- <code>json</code>
- <code>xpath</code>
</div>
<hr />
@ -1911,6 +1925,46 @@ Valid values:
## ExtractorTypeHolder
ExtractorTypeHolder is used to hold internal type of the extractor
Appears in:
- <code><a href="#extractorsextractor">extractors.Extractor</a>.type</code>
<hr />
<div class="dd">
<code></code> <i>ExtractorType</i>
</div>
<div class="dt">
Enum Values:
- <code>regex</code>
- <code>kval</code>
- <code>xpath</code>
- <code>json</code>
</div>
<hr />
## generators.AttackTypeHolder
AttackTypeHolder is used to hold internal type of the protocol
@ -1925,6 +1979,84 @@ Appears in:
<hr />
<div class="dd">
<code></code> <i>AttackType</i>
</div>
<div class="dt">
Enum Values:
- <code>batteringram</code>
- <code>pitchfork</code>
- <code>clusterbomb</code>
</div>
<hr />
## HTTPMethodTypeHolder
HTTPMethodTypeHolder is used to hold internal type of the HTTP Method
Appears in:
- <code><a href="#httprequest">http.Request</a>.method</code>
<hr />
<div class="dd">
<code></code> <i>HTTPMethodType</i>
</div>
<div class="dt">
Enum Values:
- <code>GET</code>
- <code>GET</code>
- <code>POST</code>
- <code>PUT</code>
- <code>DELETE</code>
- <code>CONNECT</code>
- <code>OPTIONS</code>
- <code>TRACE</code>
- <code>PATCH</code>
- <code>PURGE</code>
</div>
<hr />
## dns.Request
@ -2043,34 +2175,13 @@ name: '{{FQDN}}'
<div class="dd">
<code>type</code> <i>DNSRequestTypeHolder</i>
<code>type</code> <i><a href="#dnsrequesttypeholder">DNSRequestTypeHolder</a></i>
</div>
<div class="dt">
RequestType is the type of DNS request to make.
Valid values:
- <code>A</code>
- <code>NS</code>
- <code>DS</code>
- <code>CNAME</code>
- <code>SOA</code>
- <code>PTR</code>
- <code>MX</code>
- <code>TXT</code>
- <code>AAAA</code>
</div>
<hr />
@ -2196,6 +2307,56 @@ Resolvers to use for the dns requests
## DNSRequestTypeHolder
DNSRequestTypeHolder is used to hold internal type of the DNS type
Appears in:
- <code><a href="#dnsrequest">dns.Request</a>.type</code>
<hr />
<div class="dd">
<code></code> <i>DNSRequestType</i>
</div>
<div class="dt">
Enum Values:
- <code>A</code>
- <code>NS</code>
- <code>DS</code>
- <code>CNAME</code>
- <code>SOA</code>
- <code>PTR</code>
- <code>MX</code>
- <code>TXT</code>
- <code>AAAA</code>
</div>
<hr />
## file.Request
Request contains a File matching mechanism for local disk operations.
@ -2455,15 +2616,6 @@ Attack is the type of payload combinations to perform.
Batteringram is same payload into all of the defined payload positions at once, pitchfork combines multiple payload sets and clusterbomb generates
permutations and combinations for all payloads.
Valid values:
- <code>batteringram</code>
- <code>pitchfork</code>
- <code>clusterbomb</code>
</div>
<hr />
@ -2646,7 +2798,7 @@ data: hex_decode('50494e47')
<div class="dd">
<code>type</code> <i>NetworkInputTypeHolder</i>
<code>type</code> <i><a href="#networkinputtypeholder">NetworkInputTypeHolder</a></i>
</div>
<div class="dt">
@ -2722,6 +2874,42 @@ name: prefix
## NetworkInputTypeHolder
NetworkInputTypeHolder is used to hold internal type of the Network type
Appears in:
- <code><a href="#networkinput">network.Input</a>.type</code>
<hr />
<div class="dd">
<code></code> <i>NetworkInputType</i>
</div>
<div class="dt">
Enum Values:
- <code>hex</code>
- <code>text</code>
</div>
<hr />
## headless.Request
Request contains a Headless protocol request to be made from a template
@ -2879,15 +3067,44 @@ Description is the optional description of the headless action
<div class="dd">
<code>action</code> <i>ActionTypeHolder</i>
<code>action</code> <i><a href="#actiontypeholder">ActionTypeHolder</a></i>
</div>
<div class="dt">
Action is the type of the action to perform.
</div>
Valid values:
<hr />
## ActionTypeHolder
ActionTypeHolder is used to hold internal type of the action
Appears in:
- <code><a href="#engineaction">engine.Action</a>.action</code>
<hr />
<div class="dd">
<code></code> <i>ActionType</i>
</div>
<div class="dt">
Enum Values:
- <code>navigate</code>
@ -2931,6 +3148,8 @@ Valid values:
- <code>debug</code>
- <code>sleep</code>
- <code>waitvisible</code>
</div>
<hr />
@ -3135,15 +3354,6 @@ Attack is the type of payload combinations to perform.
Sniper is each payload once, pitchfork combines multiple payload sets and clusterbomb generates
permutations and combinations for all payloads.
Valid values:
- <code>sniper</code>
- <code>pitchfork</code>
- <code>clusterbomb</code>
</div>
<hr />

4
nuclei-jsonschema.json
View File

@ -131,7 +131,7 @@
},
"type": {
"$schema": "http://json-schema.org/draft-04/schema#",
"$ref": "#/definitions/extractors.TypeHolder"
"$ref": "#/definitions/extractors.ExtractorTypeHolder"
},
"regex": {
"items": {
@ -194,7 +194,7 @@
"additionalProperties": false,
"type": "object"
},
"extractors.TypeHolder": {
"extractors.ExtractorTypeHolder": {
"enum": [
"regex",
"kval",

8
v2/go.mod
View File

@ -40,7 +40,7 @@ require (
github.com/projectdiscovery/retryabledns v1.0.13-0.20211109182249-43d38df59660
github.com/projectdiscovery/retryablehttp-go v1.0.2
github.com/projectdiscovery/stringsutil v0.0.0-20210830151154-f567170afdd9
github.com/projectdiscovery/yamldoc-go v1.0.2
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125140040-b396ca47606e
github.com/remeh/sizedwaitgroup v1.0.0
github.com/rs/xid v1.3.0
github.com/segmentio/ksuid v1.0.4
@ -77,6 +77,7 @@ require (
github.com/bits-and-blooms/bloom/v3 v3.0.1 // indirect
github.com/c4milo/unpackit v0.1.0 // indirect
github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08 // indirect
github.com/dave/dst v0.26.2 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/dimchansky/utfbom v1.1.1 // indirect
github.com/dsnet/compress v0.0.1 // indirect
@ -91,6 +92,7 @@ require (
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect
github.com/golang/protobuf v1.5.2 // indirect
github.com/golang/snappy v0.0.4 // indirect
github.com/google/go-cmp v0.5.6 // indirect
github.com/google/go-querystring v1.0.0 // indirect
github.com/google/uuid v1.3.0 // indirect
github.com/gosuri/uilive v0.0.4 // indirect
@ -124,10 +126,14 @@ require (
github.com/zclconf/go-cty v1.8.4 // indirect
go.etcd.io/bbolt v1.3.6 // indirect
golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 // indirect
golang.org/x/mod v0.4.2 // indirect
golang.org/x/sys v0.0.0-20210915083310-ed5796bab164 // indirect
golang.org/x/time v0.0.0-20191024005414-555d28b269f0 // indirect
golang.org/x/tools v0.1.3 // indirect
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.27.1 // indirect
gopkg.in/corvus-ch/zbase32.v1 v1.0.0 // indirect
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
mvdan.cc/gofumpt v0.1.1 // indirect
)

18
v2/go.sum
View File

@ -163,6 +163,7 @@ github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwc
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/dave/dst v0.26.2 h1:lnxLAKI3tx7MgLNVDirFCsDTlTG9nKTk7GcptKcWSwY=
github.com/dave/dst v0.26.2/go.mod h1:UMDJuIRPfyUCC78eFuB+SV/WI8oDeyFDvM/JR6NI3IU=
github.com/dave/gopackages v0.0.0-20170318123100-46e7023ec56e/go.mod h1:i00+b/gKdIDIxuLDFob7ustLAVqhsZRk2qVZrArELGQ=
github.com/dave/jennifer v1.2.0/go.mod h1:fIb+770HOpJ2fmN9EPPKOqm1vMGhB+TwXKMZhrIygKg=
@ -641,6 +642,20 @@ github.com/projectdiscovery/stringsutil v0.0.0-20210830151154-f567170afdd9 h1:xb
github.com/projectdiscovery/stringsutil v0.0.0-20210830151154-f567170afdd9/go.mod h1:oTRc18WBv9t6BpaN9XBY+QmG28PUpsyDzRht56Qf49I=
github.com/projectdiscovery/yamldoc-go v1.0.2 h1:SKb7PHgSOXm27Zci05ba0FxpyQiu6bGEiVMEcjCK1rQ=
github.com/projectdiscovery/yamldoc-go v1.0.2/go.mod h1:7uSxfMXaBmzvw8m5EhOEjB6nhz0rK/H9sUjq1ciZu24=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125104740-9b1096de655d h1:sXbcjsLPDgOrlGXgCKbT6MMyH/hTY3OJhhwsyM2bNlI=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125104740-9b1096de655d/go.mod h1:7uSxfMXaBmzvw8m5EhOEjB6nhz0rK/H9sUjq1ciZu24=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125105154-082a0a3cc326 h1:/fGqkG8GlfdvlTCfvAoSA/WgEAJrmCnW5qtdd7QXnwA=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125105154-082a0a3cc326/go.mod h1:7uSxfMXaBmzvw8m5EhOEjB6nhz0rK/H9sUjq1ciZu24=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125110259-585ff5584784 h1:Be2eD7oXNvCbFufVhvkiO5a0SRVN+Ri2V9pXKL2uJp8=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125110259-585ff5584784/go.mod h1:7uSxfMXaBmzvw8m5EhOEjB6nhz0rK/H9sUjq1ciZu24=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125112758-99d87632e49a h1:xGeZvil8Fe5LpGJbTGZGafnnbedNGtVcvLv3nYtmhXQ=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125112758-99d87632e49a/go.mod h1:7uSxfMXaBmzvw8m5EhOEjB6nhz0rK/H9sUjq1ciZu24=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125135034-67f4c31feb2b h1:oSBnxdyyDU/WpNKUAXrhydgx5+JtDT7KfJR+hOEaBXk=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125135034-67f4c31feb2b/go.mod h1:7uSxfMXaBmzvw8m5EhOEjB6nhz0rK/H9sUjq1ciZu24=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125135235-2e6dd74132d0 h1:mOptvTJ32yUuqQjjSfiPkPCelTWzqnts92uNOZBXZZo=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125135235-2e6dd74132d0/go.mod h1:7uSxfMXaBmzvw8m5EhOEjB6nhz0rK/H9sUjq1ciZu24=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125140040-b396ca47606e h1:0ZxOM0Q0/ESa24L/vq3fxs9YipxfHR4Y3jM/H2ReJ5E=
github.com/projectdiscovery/yamldoc-go v1.0.3-0.20211125140040-b396ca47606e/go.mod h1:7uSxfMXaBmzvw8m5EhOEjB6nhz0rK/H9sUjq1ciZu24=
github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
@ -890,6 +905,7 @@ golang.org/x/mod v0.1.1-0.20191209134235-331c550502dd/go.mod h1:s0Qsj1ACt9ePp/hM
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.2 h1:Gz96sIWK3OalVv/I/qNygP42zyoKp3xptRVCWRFEBvo=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@ -1108,6 +1124,7 @@ golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4f
golang.org/x/tools v0.0.0-20210101214203-2dba1e4ea05c/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
golang.org/x/tools v0.1.3 h1:L69ShwSZEyCsLKoAxDKeMvLDZkumEe8gXUZAjab0tX8=
golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@ -1248,6 +1265,7 @@ honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9
honnef.co/go/tools v0.1.3/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las=
moul.io/http2curl v1.0.0 h1:6XwpyZOYsgZJrU8exnG87ncVkU1FVCcTRpwzOkTDUi8=
moul.io/http2curl v1.0.0/go.mod h1:f6cULg+e4Md/oW1cYmwW4IWQOVl2lGbmCNGOHvzX2kE=
mvdan.cc/gofumpt v0.1.1 h1:bi/1aS/5W00E2ny5q65w9SnKpWEF/UIOqDYBILpo9rA=
mvdan.cc/gofumpt v0.1.1/go.mod h1:yXG1r1WqZVKWbVRtBWKWX9+CxGYfA51nSomhM0woR48=
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=

7
v2/pkg/model/model.go
View File

@ -50,13 +50,6 @@ type Info struct {
Reference stringslice.StringSlice `json:"reference,omitempty" yaml:"reference,omitempty" jsonschema:"title=references for the template,description=Links relevant to the template"`
// description: |
// Severity of the template.
//
// values:
// - info
// - low
// - medium
// - high
// - critical
SeverityHolder severity.Holder `json:"severity,omitempty" yaml:"severity,omitempty"`
// description: |
// Metadata of the template.

50
v2/pkg/model/types/severity/severity.go
View File

@ -1,19 +1,28 @@
package severity
import (
"encoding/json"
"strings"
"github.com/alecthomas/jsonschema"
"github.com/pkg/errors"
)
type Severity int
// name:Severity
const (
// name:undefined
Undefined Severity = iota
// name:info
Info
// name:low
Low
// name:medium
Medium
// name:high
High
// name:critical
Critical
limit
)
@ -51,3 +60,44 @@ func normalizeValue(value string) string {
func (severity Severity) String() string {
return severityMappings[severity]
}
//nolint:exported,revive //prefer to be explicit about the name, and make it refactor-safe
// Holder holds a Severity type. Required for un/marshalling purposes
type Holder struct {
Severity Severity `mapping:"true"`
}
func (severityHolder Holder) JSONSchemaType() *jsonschema.Type {
gotType := &jsonschema.Type{
Type: "string",
Title: "severity of the template",
Description: "Seriousness of the implications of the template",
}
for _, severity := range GetSupportedSeverities() {
gotType.Enum = append(gotType.Enum, severity.String())
}
return gotType
}
func (severityHolder *Holder) UnmarshalYAML(unmarshal func(interface{}) error) error {
var marshalledSeverity string
if err := unmarshal(&marshalledSeverity); err != nil {
return err
}
computedSeverity, err := toSeverity(marshalledSeverity)
if err != nil {
return err
}
severityHolder.Severity = computedSeverity
return nil
}
func (severityHolder *Holder) MarshalJSON() ([]byte, error) {
return json.Marshal(severityHolder.Severity.String())
}
func (severityHolder Holder) MarshalYAML() (interface{}, error) {
return severityHolder.Severity.String(), nil
}

48
v2/pkg/model/types/severity/severity_holder.go
View File

@ -1,48 +0,0 @@
package severity
import (
"encoding/json"
"github.com/alecthomas/jsonschema"
)
//nolint:exported,revive //prefer to be explicit about the name, and make it refactor-safe
// Holder holds a Severity type. Required for un/marshalling purposes
type Holder struct {
Severity Severity
}
func (severityHolder Holder) JSONSchemaType() *jsonschema.Type {
gotType := &jsonschema.Type{
Type: "string",
Title: "severity of the template",
Description: "Seriousness of the implications of the template",
}
for _, severity := range GetSupportedSeverities() {
gotType.Enum = append(gotType.Enum, severity.String())
}
return gotType
}
func (severityHolder *Holder) UnmarshalYAML(unmarshal func(interface{}) error) error {
var marshalledSeverity string
if err := unmarshal(&marshalledSeverity); err != nil {
return err
}
computedSeverity, err := toSeverity(marshalledSeverity)
if err != nil {
return err
}
severityHolder.Severity = computedSeverity
return nil
}
func (severityHolder *Holder) MarshalJSON() ([]byte, error) {
return json.Marshal(severityHolder.Severity.String())
}
func (severityHolder Holder) MarshalYAML() (interface{}, error) {
return severityHolder.Severity.String(), nil
}

23
v2/pkg/operators/extractors/extractor_types.go
View File

@ -11,14 +11,15 @@ import (
// ExtractorType is the type of the extractor specified
type ExtractorType int
// name:ExtractorType
const (
// RegexExtractor extracts responses with regexes
// name:regex
RegexExtractor ExtractorType = iota + 1
// KValExtractor extracts responses with key:value
// name:kval
KValExtractor
// XPathExtractor extracts responses with Xpath selectors
// name:xpath
XPathExtractor
// JSONExtractor extracts responses with json
// name:json
JSONExtractor
//limit
limit
@ -64,12 +65,12 @@ func (t ExtractorType) String() string {
return extractorMappings[t]
}
// TypeHolder is used to hold internal type of the extractor
type TypeHolder struct {
ExtractorType ExtractorType
// ExtractorTypeHolder is used to hold internal type of the extractor
type ExtractorTypeHolder struct {
ExtractorType ExtractorType `mapping:"true"`
}
func (holder TypeHolder) JSONSchemaType() *jsonschema.Type {
func (holder ExtractorTypeHolder) JSONSchemaType() *jsonschema.Type {
gotType := &jsonschema.Type{
Type: "string",
Title: "type of the extractor",
@ -81,7 +82,7 @@ func (holder TypeHolder) JSONSchemaType() *jsonschema.Type {
return gotType
}
func (holder *TypeHolder) UnmarshalYAML(unmarshal func(interface{}) error) error {
func (holder *ExtractorTypeHolder) UnmarshalYAML(unmarshal func(interface{}) error) error {
var marshalledTypes string
if err := unmarshal(&marshalledTypes); err != nil {
return err
@ -96,10 +97,10 @@ func (holder *TypeHolder) UnmarshalYAML(unmarshal func(interface{}) error) error
return nil
}
func (holder *TypeHolder) MarshalJSON() ([]byte, error) {
func (holder *ExtractorTypeHolder) MarshalJSON() ([]byte, error) {
return json.Marshal(holder.ExtractorType.String())
}
func (holder TypeHolder) MarshalYAML() (interface{}, error) {
func (holder ExtractorTypeHolder) MarshalYAML() (interface{}, error) {
return holder.ExtractorType.String(), nil
}

7
v2/pkg/operators/extractors/extractors.go
View File

@ -16,12 +16,7 @@ type Extractor struct {
Name string `yaml:"name,omitempty" jsonschema:"title=name of the extractor,description=Name of the extractor"`
// description: |
// Type is the type of the extractor.
// values:
// - "regex"
// - "kval"
// - "json"
// - "xpath"
Type TypeHolder `json:"name,omitempty" yaml:"type"`
Type ExtractorTypeHolder `json:"name,omitempty" yaml:"type"`
// extractorType is the internal type of the extractor
extractorType ExtractorType

9
v2/pkg/operators/matchers/matchers.go
View File

@ -10,13 +10,6 @@ import (
type Matcher struct {
// description: |
// Type is the type of the matcher.
// values:
// - "status"
// - "size"
// - "word"
// - "regex"
// - "binary"
// - "dsl"
Type MatcherTypeHolder `yaml:"type" jsonschema:"title=type of matcher,description=Type of the matcher,enum=status,enum=size,enum=word,enum=regex,enum=binary,enum=dsl"`
// description: |
// Condition is the optional condition between two matcher variables. By default,
@ -120,7 +113,6 @@ type Matcher struct {
dslCompiled []*govaluate.EvaluableExpression
}
// ConditionType is the type of condition for matcher
type ConditionType int
@ -152,4 +144,3 @@ func (m *Matcher) ResultWithMatchedSnippet(data bool, matchedSnippet []string) (
}
return data, matchedSnippet
}

15
v2/pkg/operators/matchers/matchers_types.go
View File

@ -11,18 +11,19 @@ import (
// MatcherType is the type of the matcher specified
type MatcherType int
// name:MatcherType
const (
// WordsMatcher matches responses with words
// name:word
WordsMatcher MatcherType = iota + 1
// RegexMatcher matches responses with regexes
// name:regex
RegexMatcher
// BinaryMatcher matches responses with words
// name:binary
BinaryMatcher
// StatusMatcher matches responses with status codes
// name:status
StatusMatcher
// SizeMatcher matches responses with response size
// name:size
SizeMatcher
// DSLMatcher matches based upon dsl syntax
// name:dsl
DSLMatcher
//limit
limit
@ -72,7 +73,7 @@ func (t MatcherType) String() string {
// MatcherTypeHolder is used to hold internal type of the matcher
type MatcherTypeHolder struct {
MatcherType MatcherType
MatcherType MatcherType `mapping:"true"`
}
func (t MatcherTypeHolder) String() string {

11
v2/pkg/protocols/common/generators/attack_types.go
View File

@ -11,13 +11,14 @@ import (
// AttackType is the type of attack for payloads
type AttackType int
// Supported values for the ProtocolType
// Supported values for the AttackType
// name:AttackType
const (
// BatteringRamAttack replaces same payload into all of the defined payload positions at once.
// name:batteringram
BatteringRamAttack AttackType = iota + 1
// PitchForkAttack replaces variables with positional value from multiple wordlists
// name:pitchfork
PitchForkAttack
// ClusterbombAttack replaces variables with all possible combinations of values
// name:clusterbomb
ClusterbombAttack
limit
)
@ -57,7 +58,7 @@ func (t AttackType) String() string {
// AttackTypeHolder is used to hold internal type of the protocol
type AttackTypeHolder struct {
Value AttackType
Value AttackType `mapping:"true"`
}
func (holder AttackTypeHolder) JSONSchemaType() *jsonschema.Type {

10
v2/pkg/protocols/dns/dns.go
View File

@ -34,16 +34,6 @@ type Request struct {
Name string `yaml:"name,omitempty" jsonschema:"title=hostname to make dns request for,description=Name is the Hostname to make DNS request for"`
// description: |
// RequestType is the type of DNS request to make.
// values:
// - "A"
// - "NS"
// - "DS"
// - "CNAME"
// - "SOA"
// - "PTR"
// - "MX"
// - "TXT"
// - "AAAA"
RequestType DNSRequestTypeHolder `yaml:"type,omitempty" jsonschema:"title=type of dns request to make,description=Type is the type of DNS request to make,enum=A,enum=NS,enum=DS,enum=CNAME,enum=SOA,enum=PTR,enum=MX,enum=TXT,enum=AAAA"`
// description: |
// Class is the class of the DNS request.

12
v2/pkg/protocols/dns/dns_types.go
View File

@ -11,15 +11,25 @@ import (
// DNSRequestType is the type of the method specified
type DNSRequestType int
// name:DNSRequestType
const (
// name:A
A DNSRequestType = iota + 1
// name:NS
NS
// name:DS
DS
// name:CNAME
CNAME
// name:SOA
SOA
// name:PTR
PTR
// name:MX
MX
// name:TXT
TXT
// name:AAAA
AAAA
//limit
limit
@ -67,7 +77,7 @@ func (t DNSRequestType) String() string {
// DNSRequestTypeHolder is used to hold internal type of the DNS type
type DNSRequestTypeHolder struct {
DNSRequestType DNSRequestType
DNSRequestType DNSRequestType `mapping:"true"`
}
func (holder DNSRequestTypeHolder) String() string {

6
v2/pkg/protocols/dns/operators_test.go
View File

@ -192,7 +192,7 @@ func TestDNSOperatorExtract(t *testing.T) {
t.Run("extract", func(t *testing.T) {
extractor := &extractors.Extractor{
Part: "raw",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"},
}
err = extractor.CompileExtractors()
@ -205,7 +205,7 @@ func TestDNSOperatorExtract(t *testing.T) {
t.Run("kval", func(t *testing.T) {
extractor := &extractors.Extractor{
Type: extractors.TypeHolder{ExtractorType: extractors.KValExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.KValExtractor},
KVal: []string{"rcode"},
}
err = extractor.CompileExtractors()
@ -238,7 +238,7 @@ func TestDNSMakeResult(t *testing.T) {
}},
Extractors: []*extractors.Extractor{{
Part: "raw",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"},
}},
},

2
v2/pkg/protocols/dns/request_test.go
View File

@ -35,7 +35,7 @@ func TestDNSExecuteWithResults(t *testing.T) {
}},
Extractors: []*extractors.Extractor{{
Part: "raw",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"},
}},
},

6
v2/pkg/protocols/file/operators_test.go
View File

@ -154,7 +154,7 @@ func TestFileOperatorExtract(t *testing.T) {
t.Run("extract", func(t *testing.T) {
extractor := &extractors.Extractor{
Part: "raw",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"},
}
err = extractor.CompileExtractors()
@ -167,7 +167,7 @@ func TestFileOperatorExtract(t *testing.T) {
t.Run("kval", func(t *testing.T) {
extractor := &extractors.Extractor{
Type: extractors.TypeHolder{ExtractorType: extractors.KValExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.KValExtractor},
KVal: []string{"raw"},
}
err = extractor.CompileExtractors()
@ -250,7 +250,7 @@ func testFileMakeResult(t *testing.T, matchers []*matchers.Matcher, matcherCondi
Matchers: matchers,
Extractors: []*extractors.Extractor{{
Part: "raw",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"},
}},
},

2
v2/pkg/protocols/file/request_test.go
View File

@ -37,7 +37,7 @@ func TestFileExecuteWithResults(t *testing.T) {
}},
Extractors: []*extractors.Extractor{{
Part: "raw",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"},
}},
},

22
v2/pkg/protocols/headless/engine/action.go
View File

@ -26,28 +26,6 @@ type Action struct {
Description string `yaml:"description,omitempty" jsonschema:"title=description for headless action,description=Description of the headless action"`
// description: |
// Action is the type of the action to perform.
// values:
// - "navigate"
// - "script"
// - "click"
// - "rightclick"
// - "text"
// - "screenshot"
// - "time"
// - "select"
// - "files"
// - "waitload"
// - "getresource"
// - "extract"
// - "setmethod"
// - "addheader"
// - "setheader"
// - "deleteheader"
// - "setbody"
// - "waitevent"
// - "keyboard"
// - "debug"
// - "sleep"
ActionType ActionTypeHolder `yaml:"action" jsonschema:"title=action to perform,description=Type of actions to perform,enum=navigate,enum=script,enum=click,enum=rightclick,enum=text,enum=screenshot,enum=time,enum=select,enum=files,enum=waitload,enum=getresource,enum=extract,enum=setmethod,enum=addheader,enum=setheader,enum=deleteheader,enum=setbody,enum=waitevent,enum=keyboard,enum=debug,enum=sleep"`
}

26
v2/pkg/protocols/headless/engine/action_types.go
View File

@ -12,51 +12,73 @@ import (
type ActionType int8
// Types to be executed by the user.
// name:ActionType
const (
// ActionNavigate performs a navigation to the specified URL
// URL can include nuclei payload data such as URL, Hostname, etc.
// name:navigate
ActionNavigate ActionType = iota + 1
// ActionScript executes a JS snippet on the page.
// name:script
ActionScript
// ActionClick performs the left-click action on an Element.
// name:click
ActionClick
// ActionRightClick performs the right-click action on an Element.
// name:rightclick
ActionRightClick
// ActionTextInput performs an action for a text input
// name:text
ActionTextInput
// ActionScreenshot performs the screenshot action writing to a file.
// name:screenshot
ActionScreenshot
// ActionTimeInput performs an action on a time input.
// name:time
ActionTimeInput
// ActionSelectInput performs an action on a select input.
// name:select
ActionSelectInput
// ActionFilesInput performs an action on a file input.
// name:files
ActionFilesInput
// ActionWaitLoad waits for the page to stop loading.
// name:waitload
ActionWaitLoad
// ActionGetResource performs a get resource action on an element
// name:getresource
ActionGetResource
// ActionExtract performs an extraction on an element
// name:extract
ActionExtract
// ActionSetMethod sets the request method
// name:setmethod
ActionSetMethod
// ActionAddHeader adds a header to the request
// name:addheader
ActionAddHeader
// ActionSetHeader sets a header in the request
// name:setheader
ActionSetHeader
// ActionDeleteHeader deletes a header from the request
// name:deleteheader
ActionDeleteHeader
// ActionSetBody sets the value of the request body
// name:setbody
ActionSetBody
// ActionWaitEvent waits for a specific event.
// name:waitevent
ActionWaitEvent
// ActionKeyboard performs a keyboard action event on a page.
// name:keyboard
ActionKeyboard
// ActionDebug debug slows down headless and adds a sleep to each page.
// name:debug
ActionDebug
// ActionSleep executes a sleep for a specified duration
// name:sleep
ActionSleep
// ActionWaitVisible waits until an element appears.
// name:waitvisible
ActionWaitVisible
// limit
limit
@ -143,7 +165,7 @@ func (t ActionType) String() string {
// ActionTypeHolder is used to hold internal type of the action
type ActionTypeHolder struct {
ActionType ActionType
ActionType ActionType `mapping:"true"`
}
func (holder ActionTypeHolder) String() string {

11
v2/pkg/protocols/http/http.go
View File

@ -55,17 +55,6 @@ type Request struct {
AttackType generators.AttackTypeHolder `yaml:"attack,omitempty" jsonschema:"title=attack is the payload combination,description=Attack is the type of payload combinations to perform,enum=batteringram,enum=pitchfork,enum=clusterbomb"`
// description: |
// Method is the HTTP Request Method.
// values:
// - "GET"
// - "HEAD"
// - "POST"
// - "PUT"
// - "DELETE"
// - "CONNECT"
// - "OPTIONS"
// - "TRACE"
// - "PATCH"
// - "PURGE"
Method HTTPMethodTypeHolder `yaml:"method,omitempty" jsonschema:"title=method is the http request method,description=Method is the HTTP Request Method,enum=GET,enum=HEAD,enum=POST,enum=PUT,enum=DELETE,enum=CONNECT,enum=OPTIONS,enum=TRACE,enum=PATCH,enum=PURGE"`
// description: |
// Body is an optional parameter which contains HTTP Request body.

13
v2/pkg/protocols/http/http_method_types.go
View File

@ -11,16 +11,27 @@ import (
// HTTPMethodType is the type of the method specified
type HTTPMethodType int
// name:HTTPMethodType
const (
// name:GET
HTTPGet HTTPMethodType = iota + 1
// name:GET
HTTPHead
// name:POST
HTTPPost
// name:PUT
HTTPPut
// name:DELETE
HTTPDelete
// name:CONNECT
HTTPConnect
// name:OPTIONS
HTTPOptions
// name:TRACE
HTTPTrace
// name:PATCH
HTTPPatch
// name:PURGE
HTTPPurge
//limit
limit
@ -69,7 +80,7 @@ func (t HTTPMethodType) String() string {
// HTTPMethodTypeHolder is used to hold internal type of the HTTP Method
type HTTPMethodTypeHolder struct {
MethodType HTTPMethodType
MethodType HTTPMethodType `mapping:"true"`
}
func (holder HTTPMethodTypeHolder) String() string {

14
v2/pkg/protocols/http/operators_test.go
View File

@ -166,7 +166,7 @@ func TestHTTPOperatorExtract(t *testing.T) {
t.Run("extract", func(t *testing.T) {
extractor := &extractors.Extractor{
Part: "body",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"},
}
err = extractor.CompileExtractors()
@ -179,7 +179,7 @@ func TestHTTPOperatorExtract(t *testing.T) {
t.Run("kval", func(t *testing.T) {
extractor := &extractors.Extractor{
Type: extractors.TypeHolder{ExtractorType: extractors.KValExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.KValExtractor},
KVal: []string{"test_header"},
}
err = extractor.CompileExtractors()
@ -195,7 +195,7 @@ func TestHTTPOperatorExtract(t *testing.T) {
t.Run("jq-simple", func(t *testing.T) {
extractor := &extractors.Extractor{
Type: extractors.TypeHolder{ExtractorType: extractors.JSONExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.JSONExtractor},
JSON: []string{".batters | .batter | .[] | .id"},
}
err = extractor.CompileExtractors()
@ -207,7 +207,7 @@ func TestHTTPOperatorExtract(t *testing.T) {
})
t.Run("jq-array", func(t *testing.T) {
extractor := &extractors.Extractor{
Type: extractors.TypeHolder{ExtractorType: extractors.JSONExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.JSONExtractor},
JSON: []string{".array"},
}
err = extractor.CompileExtractors()
@ -219,7 +219,7 @@ func TestHTTPOperatorExtract(t *testing.T) {
})
t.Run("jq-object", func(t *testing.T) {
extractor := &extractors.Extractor{
Type: extractors.TypeHolder{ExtractorType: extractors.JSONExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.JSONExtractor},
JSON: []string{".batters"},
}
err = extractor.CompileExtractors()
@ -235,7 +235,7 @@ func TestHTTPOperatorExtract(t *testing.T) {
event["body"] = exampleResponseBody
extractor := &extractors.Extractor{
Type: extractors.TypeHolder{ExtractorType: extractors.KValExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.KValExtractor},
KVal: []string{"TEST_HEADER"}, // only applies to KVal
CaseInsensitive: true,
}
@ -267,7 +267,7 @@ func TestHTTPMakeResult(t *testing.T) {
}},
Extractors: []*extractors.Extractor{{
Part: "body",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"},
}},
},

4
v2/pkg/protocols/network/network.go
View File

@ -36,10 +36,6 @@ type Request struct {
//
// Batteringram is same payload into all of the defined payload positions at once, pitchfork combines multiple payload sets and clusterbomb generates
// permutations and combinations for all payloads.
// values:
// - "batteringram"
// - "pitchfork"
// - "clusterbomb"
AttackType generators.AttackTypeHolder `yaml:"attack,omitempty" jsonschema:"title=attack is the payload combination,description=Attack is the type of payload combinations to perform,enum=batteringram,enum=pitchfork,enum=clusterbomb"`
// description: |
// Payloads contains any payloads for the current request.

7
v2/pkg/protocols/network/network_input_types.go
View File

@ -8,11 +8,14 @@ import (
"github.com/alecthomas/jsonschema"
)
// NetworkInputType is the type of the method specified
// NetworkInputType is the type of the network input specified
type NetworkInputType int
// name:NetworkInputType
const (
// name:hex
hexType NetworkInputType = iota + 1
// name:text
textType
//limit
limit
@ -53,7 +56,7 @@ func (t NetworkInputType) String() string {
// NetworkInputTypeHolder is used to hold internal type of the Network type
type NetworkInputTypeHolder struct {
NetworkInputType NetworkInputType
NetworkInputType NetworkInputType `mapping:"true"`
}
func (holder NetworkInputTypeHolder) GetType() NetworkInputType {

6
v2/pkg/protocols/network/operators_test.go
View File

@ -149,7 +149,7 @@ func TestNetworkOperatorExtract(t *testing.T) {
t.Run("extract", func(t *testing.T) {
extractor := &extractors.Extractor{
Part: "data",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"},
}
err = extractor.CompileExtractors()
@ -162,7 +162,7 @@ func TestNetworkOperatorExtract(t *testing.T) {
t.Run("kval", func(t *testing.T) {
extractor := &extractors.Extractor{
Type: extractors.TypeHolder{ExtractorType: extractors.KValExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.KValExtractor},
KVal: []string{"request"},
}
err = extractor.CompileExtractors()
@ -193,7 +193,7 @@ func TestNetworkMakeResult(t *testing.T) {
}},
Extractors: []*extractors.Extractor{{
Part: "data",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"},
}},
},

2
v2/pkg/protocols/network/request_test.go
View File

@ -38,7 +38,7 @@ func TestNetworkExecuteWithResults(t *testing.T) {
}},
Extractors: []*extractors.Extractor{{
Part: "data",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"<h1>.*</h1>"},
}},
},

6
v2/pkg/protocols/offlinehttp/operators_test.go
View File

@ -139,7 +139,7 @@ func TestHTTPOperatorExtract(t *testing.T) {
t.Run("extract", func(t *testing.T) {
extractor := &extractors.Extractor{
Part: "body",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"},
}
err = extractor.CompileExtractors()
@ -152,7 +152,7 @@ func TestHTTPOperatorExtract(t *testing.T) {
t.Run("kval", func(t *testing.T) {
extractor := &extractors.Extractor{
Type: extractors.TypeHolder{ExtractorType: extractors.KValExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.KValExtractor},
KVal: []string{"test-header"},
Part: "header",
}
@ -184,7 +184,7 @@ func TestHTTPMakeResult(t *testing.T) {
}},
Extractors: []*extractors.Extractor{{
Part: "body",
Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor},
Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor},
Regex: []string{"[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+"},
}},
}}

4
v2/pkg/protocols/websocket/websocket.go
View File

@ -52,10 +52,6 @@ type Request struct {
//
// Sniper is each payload once, pitchfork combines multiple payload sets and clusterbomb generates
// permutations and combinations for all payloads.
// values:
// - "sniper"
// - "pitchfork"
// - "clusterbomb"
AttackType generators.AttackTypeHolder `yaml:"attack,omitempty" jsonschema:"title=attack is the payload combination,description=Attack is the type of payload combinations to perform,enum=sniper,enum=pitchfork,enum=clusterbomb"`
// description: |
// Payloads contains any payloads for the current request.

235
v2/pkg/templates/templates_doc.go
View File

@ -16,14 +16,20 @@ var (
MODELClassificationDoc encoder.Doc
HTTPRequestDoc encoder.Doc
MATCHERSMatcherDoc encoder.Doc
MatcherTypeHolderDoc encoder.Doc
EXTRACTORSExtractorDoc encoder.Doc
ExtractorTypeHolderDoc encoder.Doc
GENERATORSAttackTypeHolderDoc encoder.Doc
HTTPMethodTypeHolderDoc encoder.Doc
DNSRequestDoc encoder.Doc
DNSRequestTypeHolderDoc encoder.Doc
FILERequestDoc encoder.Doc
NETWORKRequestDoc encoder.Doc
NETWORKInputDoc encoder.Doc
NetworkInputTypeHolderDoc encoder.Doc
HEADLESSRequestDoc encoder.Doc
ENGINEActionDoc encoder.Doc
ActionTypeHolderDoc encoder.Doc
SSLRequestDoc encoder.Doc
WEBSOCKETRequestDoc encoder.Doc
WEBSOCKETInputDoc encoder.Doc
@ -160,13 +166,6 @@ func init() {
MODELInfoDoc.Fields[5].Note = ""
MODELInfoDoc.Fields[5].Description = "Severity of the template."
MODELInfoDoc.Fields[5].Comments[encoder.LineComment] = "Severity of the template."
MODELInfoDoc.Fields[5].Values = []string{
"info",
"low",
"medium",
"high",
"critical",
}
MODELInfoDoc.Fields[6].Name = "metadata"
MODELInfoDoc.Fields[6].Type = "map[string]string"
MODELInfoDoc.Fields[6].Note = ""
@ -237,7 +236,20 @@ func init() {
FieldName: "severity",
},
}
SEVERITYHolderDoc.Fields = make([]encoder.Doc, 0)
SEVERITYHolderDoc.Fields = make([]encoder.Doc, 1)
SEVERITYHolderDoc.Fields[0].Name = ""
SEVERITYHolderDoc.Fields[0].Type = "Severity"
SEVERITYHolderDoc.Fields[0].Note = ""
SEVERITYHolderDoc.Fields[0].Description = ""
SEVERITYHolderDoc.Fields[0].Comments[encoder.LineComment] = ""
SEVERITYHolderDoc.Fields[0].EnumFields = []string{
"undefined",
"info",
"low",
"medium",
"high",
"critical",
}
MODELClassificationDoc.Type = "model.Classification"
MODELClassificationDoc.Comments[encoder.LineComment] = ""
@ -348,18 +360,6 @@ func init() {
HTTPRequestDoc.Fields[8].Note = ""
HTTPRequestDoc.Fields[8].Description = "Method is the HTTP Request Method."
HTTPRequestDoc.Fields[8].Comments[encoder.LineComment] = "Method is the HTTP Request Method."
HTTPRequestDoc.Fields[8].Values = []string{
"GET",
"HEAD",
"POST",
"PUT",
"DELETE",
"CONNECT",
"OPTIONS",
"TRACE",
"PATCH",
"PURGE",
}
HTTPRequestDoc.Fields[9].Name = "body"
HTTPRequestDoc.Fields[9].Type = "string"
HTTPRequestDoc.Fields[9].Note = ""
@ -501,14 +501,6 @@ func init() {
MATCHERSMatcherDoc.Fields[0].Note = ""
MATCHERSMatcherDoc.Fields[0].Description = "Type is the type of the matcher."
MATCHERSMatcherDoc.Fields[0].Comments[encoder.LineComment] = "Type is the type of the matcher."
MATCHERSMatcherDoc.Fields[0].Values = []string{
"status",
"size",
"word",
"regex",
"binary",
"dsl",
}
MATCHERSMatcherDoc.Fields[1].Name = "condition"
MATCHERSMatcherDoc.Fields[1].Type = "string"
MATCHERSMatcherDoc.Fields[1].Note = ""
@ -607,6 +599,30 @@ func init() {
"true",
}
MatcherTypeHolderDoc.Type = "MatcherTypeHolder"
MatcherTypeHolderDoc.Comments[encoder.LineComment] = " MatcherTypeHolder is used to hold internal type of the matcher"
MatcherTypeHolderDoc.Description = "MatcherTypeHolder is used to hold internal type of the matcher"
MatcherTypeHolderDoc.AppearsIn = []encoder.Appearance{
{
TypeName: "matchers.Matcher",
FieldName: "type",
},
}
MatcherTypeHolderDoc.Fields = make([]encoder.Doc, 1)
MatcherTypeHolderDoc.Fields[0].Name = ""
MatcherTypeHolderDoc.Fields[0].Type = "MatcherType"
MatcherTypeHolderDoc.Fields[0].Note = ""
MatcherTypeHolderDoc.Fields[0].Description = ""
MatcherTypeHolderDoc.Fields[0].Comments[encoder.LineComment] = ""
MatcherTypeHolderDoc.Fields[0].EnumFields = []string{
"word",
"regex",
"binary",
"status",
"size",
"dsl",
}
EXTRACTORSExtractorDoc.Type = "extractors.Extractor"
EXTRACTORSExtractorDoc.Comments[encoder.LineComment] = " Extractor is used to extract part of response using a regex."
EXTRACTORSExtractorDoc.Description = "Extractor is used to extract part of response using a regex."
@ -649,16 +665,10 @@ func init() {
EXTRACTORSExtractorDoc.Fields[0].AddExample("", "cookie-extractor")
EXTRACTORSExtractorDoc.Fields[1].Name = "type"
EXTRACTORSExtractorDoc.Fields[1].Type = "TypeHolder"
EXTRACTORSExtractorDoc.Fields[1].Type = "ExtractorTypeHolder"
EXTRACTORSExtractorDoc.Fields[1].Note = ""
EXTRACTORSExtractorDoc.Fields[1].Description = "Type is the type of the extractor."
EXTRACTORSExtractorDoc.Fields[1].Comments[encoder.LineComment] = "Type is the type of the extractor."
EXTRACTORSExtractorDoc.Fields[1].Values = []string{
"regex",
"kval",
"json",
"xpath",
}
EXTRACTORSExtractorDoc.Fields[2].Name = "regex"
EXTRACTORSExtractorDoc.Fields[2].Type = "[]string"
EXTRACTORSExtractorDoc.Fields[2].Note = ""
@ -727,6 +737,28 @@ func init() {
"true",
}
ExtractorTypeHolderDoc.Type = "ExtractorTypeHolder"
ExtractorTypeHolderDoc.Comments[encoder.LineComment] = " ExtractorTypeHolder is used to hold internal type of the extractor"
ExtractorTypeHolderDoc.Description = "ExtractorTypeHolder is used to hold internal type of the extractor"
ExtractorTypeHolderDoc.AppearsIn = []encoder.Appearance{
{
TypeName: "extractors.Extractor",
FieldName: "type",
},
}
ExtractorTypeHolderDoc.Fields = make([]encoder.Doc, 1)
ExtractorTypeHolderDoc.Fields[0].Name = ""
ExtractorTypeHolderDoc.Fields[0].Type = "ExtractorType"
ExtractorTypeHolderDoc.Fields[0].Note = ""
ExtractorTypeHolderDoc.Fields[0].Description = ""
ExtractorTypeHolderDoc.Fields[0].Comments[encoder.LineComment] = ""
ExtractorTypeHolderDoc.Fields[0].EnumFields = []string{
"regex",
"kval",
"xpath",
"json",
}
GENERATORSAttackTypeHolderDoc.Type = "generators.AttackTypeHolder"
GENERATORSAttackTypeHolderDoc.Comments[encoder.LineComment] = " AttackTypeHolder is used to hold internal type of the protocol"
GENERATORSAttackTypeHolderDoc.Description = "AttackTypeHolder is used to hold internal type of the protocol"
@ -744,7 +776,45 @@ func init() {
FieldName: "attack",
},
}
GENERATORSAttackTypeHolderDoc.Fields = make([]encoder.Doc, 0)
GENERATORSAttackTypeHolderDoc.Fields = make([]encoder.Doc, 1)
GENERATORSAttackTypeHolderDoc.Fields[0].Name = ""
GENERATORSAttackTypeHolderDoc.Fields[0].Type = "AttackType"
GENERATORSAttackTypeHolderDoc.Fields[0].Note = ""
GENERATORSAttackTypeHolderDoc.Fields[0].Description = ""
GENERATORSAttackTypeHolderDoc.Fields[0].Comments[encoder.LineComment] = ""
GENERATORSAttackTypeHolderDoc.Fields[0].EnumFields = []string{
"batteringram",
"pitchfork",
"clusterbomb",
}
HTTPMethodTypeHolderDoc.Type = "HTTPMethodTypeHolder"
HTTPMethodTypeHolderDoc.Comments[encoder.LineComment] = " HTTPMethodTypeHolder is used to hold internal type of the HTTP Method"
HTTPMethodTypeHolderDoc.Description = "HTTPMethodTypeHolder is used to hold internal type of the HTTP Method"
HTTPMethodTypeHolderDoc.AppearsIn = []encoder.Appearance{
{
TypeName: "http.Request",
FieldName: "method",
},
}
HTTPMethodTypeHolderDoc.Fields = make([]encoder.Doc, 1)
HTTPMethodTypeHolderDoc.Fields[0].Name = ""
HTTPMethodTypeHolderDoc.Fields[0].Type = "HTTPMethodType"
HTTPMethodTypeHolderDoc.Fields[0].Note = ""
HTTPMethodTypeHolderDoc.Fields[0].Description = ""
HTTPMethodTypeHolderDoc.Fields[0].Comments[encoder.LineComment] = ""
HTTPMethodTypeHolderDoc.Fields[0].EnumFields = []string{
"GET",
"GET",
"POST",
"PUT",
"DELETE",
"CONNECT",
"OPTIONS",
"TRACE",
"PATCH",
"PURGE",
}
DNSRequestDoc.Type = "dns.Request"
DNSRequestDoc.Comments[encoder.LineComment] = " Request contains a DNS protocol request to be made from a template"
@ -794,17 +864,6 @@ func init() {
DNSRequestDoc.Fields[5].Note = ""
DNSRequestDoc.Fields[5].Description = "RequestType is the type of DNS request to make."
DNSRequestDoc.Fields[5].Comments[encoder.LineComment] = "RequestType is the type of DNS request to make."
DNSRequestDoc.Fields[5].Values = []string{
"A",
"NS",
"DS",
"CNAME",
"SOA",
"PTR",
"MX",
"TXT",
"AAAA",
}
DNSRequestDoc.Fields[6].Name = "class"
DNSRequestDoc.Fields[6].Type = "string"
DNSRequestDoc.Fields[6].Note = ""
@ -848,6 +907,33 @@ func init() {
DNSRequestDoc.Fields[11].Description = "Resolvers to use for the dns requests"
DNSRequestDoc.Fields[11].Comments[encoder.LineComment] = " Resolvers to use for the dns requests"
DNSRequestTypeHolderDoc.Type = "DNSRequestTypeHolder"
DNSRequestTypeHolderDoc.Comments[encoder.LineComment] = " DNSRequestTypeHolder is used to hold internal type of the DNS type"
DNSRequestTypeHolderDoc.Description = "DNSRequestTypeHolder is used to hold internal type of the DNS type"
DNSRequestTypeHolderDoc.AppearsIn = []encoder.Appearance{
{
TypeName: "dns.Request",
FieldName: "type",
},
}
DNSRequestTypeHolderDoc.Fields = make([]encoder.Doc, 1)
DNSRequestTypeHolderDoc.Fields[0].Name = ""
DNSRequestTypeHolderDoc.Fields[0].Type = "DNSRequestType"
DNSRequestTypeHolderDoc.Fields[0].Note = ""
DNSRequestTypeHolderDoc.Fields[0].Description = ""
DNSRequestTypeHolderDoc.Fields[0].Comments[encoder.LineComment] = ""
DNSRequestTypeHolderDoc.Fields[0].EnumFields = []string{
"A",
"NS",
"DS",
"CNAME",
"SOA",
"PTR",
"MX",
"TXT",
"AAAA",
}
FILERequestDoc.Type = "file.Request"
FILERequestDoc.Comments[encoder.LineComment] = " Request contains a File matching mechanism for local disk operations."
FILERequestDoc.Description = "Request contains a File matching mechanism for local disk operations."
@ -940,11 +1026,6 @@ func init() {
NETWORKRequestDoc.Fields[2].Note = ""
NETWORKRequestDoc.Fields[2].Description = "Attack is the type of payload combinations to perform.\n\nBatteringram is same payload into all of the defined payload positions at once, pitchfork combines multiple payload sets and clusterbomb generates\npermutations and combinations for all payloads."
NETWORKRequestDoc.Fields[2].Comments[encoder.LineComment] = "Attack is the type of payload combinations to perform."
NETWORKRequestDoc.Fields[2].Values = []string{
"batteringram",
"pitchfork",
"clusterbomb",
}
NETWORKRequestDoc.Fields[3].Name = "payloads"
NETWORKRequestDoc.Fields[3].Type = "map[string]interface{}"
NETWORKRequestDoc.Fields[3].Note = ""
@ -1032,6 +1113,26 @@ func init() {
NETWORKInputDoc.Fields[3].AddExample("", "prefix")
NetworkInputTypeHolderDoc.Type = "NetworkInputTypeHolder"
NetworkInputTypeHolderDoc.Comments[encoder.LineComment] = " NetworkInputTypeHolder is used to hold internal type of the Network type"
NetworkInputTypeHolderDoc.Description = "NetworkInputTypeHolder is used to hold internal type of the Network type"
NetworkInputTypeHolderDoc.AppearsIn = []encoder.Appearance{
{
TypeName: "network.Input",
FieldName: "type",
},
}
NetworkInputTypeHolderDoc.Fields = make([]encoder.Doc, 1)
NetworkInputTypeHolderDoc.Fields[0].Name = ""
NetworkInputTypeHolderDoc.Fields[0].Type = "NetworkInputType"
NetworkInputTypeHolderDoc.Fields[0].Note = ""
NetworkInputTypeHolderDoc.Fields[0].Description = ""
NetworkInputTypeHolderDoc.Fields[0].Comments[encoder.LineComment] = ""
NetworkInputTypeHolderDoc.Fields[0].EnumFields = []string{
"hex",
"text",
}
HEADLESSRequestDoc.Type = "headless.Request"
HEADLESSRequestDoc.Comments[encoder.LineComment] = " Request contains a Headless protocol request to be made from a template"
HEADLESSRequestDoc.Description = "Request contains a Headless protocol request to be made from a template"
@ -1102,7 +1203,23 @@ func init() {
ENGINEActionDoc.Fields[3].Note = ""
ENGINEActionDoc.Fields[3].Description = "Action is the type of the action to perform."
ENGINEActionDoc.Fields[3].Comments[encoder.LineComment] = "Action is the type of the action to perform."
ENGINEActionDoc.Fields[3].Values = []string{
ActionTypeHolderDoc.Type = "ActionTypeHolder"
ActionTypeHolderDoc.Comments[encoder.LineComment] = " ActionTypeHolder is used to hold internal type of the action"
ActionTypeHolderDoc.Description = "ActionTypeHolder is used to hold internal type of the action"
ActionTypeHolderDoc.AppearsIn = []encoder.Appearance{
{
TypeName: "engine.Action",
FieldName: "action",
},
}
ActionTypeHolderDoc.Fields = make([]encoder.Doc, 1)
ActionTypeHolderDoc.Fields[0].Name = ""
ActionTypeHolderDoc.Fields[0].Type = "ActionType"
ActionTypeHolderDoc.Fields[0].Note = ""
ActionTypeHolderDoc.Fields[0].Description = ""
ActionTypeHolderDoc.Fields[0].Comments[encoder.LineComment] = ""
ActionTypeHolderDoc.Fields[0].EnumFields = []string{
"navigate",
"script",
"click",
@ -1124,6 +1241,7 @@ func init() {
"keyboard",
"debug",
"sleep",
"waitvisible",
}
SSLRequestDoc.Type = "ssl.Request"
@ -1210,11 +1328,6 @@ func init() {
WEBSOCKETRequestDoc.Fields[6].Note = ""
WEBSOCKETRequestDoc.Fields[6].Description = "Attack is the type of payload combinations to perform.\n\nSniper is each payload once, pitchfork combines multiple payload sets and clusterbomb generates\npermutations and combinations for all payloads."
WEBSOCKETRequestDoc.Fields[6].Comments[encoder.LineComment] = "Attack is the type of payload combinations to perform."
WEBSOCKETRequestDoc.Fields[6].Values = []string{
"sniper",
"pitchfork",
"clusterbomb",
}
WEBSOCKETRequestDoc.Fields[7].Name = "payloads"
WEBSOCKETRequestDoc.Fields[7].Type = "map[string]interface{}"
WEBSOCKETRequestDoc.Fields[7].Note = ""
@ -1326,14 +1439,20 @@ func GetTemplateDoc() *encoder.FileDoc {
&MODELClassificationDoc,
&HTTPRequestDoc,
&MATCHERSMatcherDoc,
&MatcherTypeHolderDoc,
&EXTRACTORSExtractorDoc,
&ExtractorTypeHolderDoc,
&GENERATORSAttackTypeHolderDoc,
&HTTPMethodTypeHolderDoc,
&DNSRequestDoc,
&DNSRequestTypeHolderDoc,
&FILERequestDoc,
&NETWORKRequestDoc,
&NETWORKInputDoc,
&NetworkInputTypeHolderDoc,
&HEADLESSRequestDoc,
&ENGINEActionDoc,
&ActionTypeHolderDoc,
&SSLRequestDoc,
&WEBSOCKETRequestDoc,
&WEBSOCKETInputDoc,

4
v2/pkg/templates/templates_doc_examples.go
View File

@ -44,7 +44,7 @@ var (
Recursion: true,
Operators: operators.Operators{
Extractors: []*extractors.Extractor{
{Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor}, Regex: []string{"ec2-[-\\d]+\\.compute[-\\d]*\\.amazonaws\\.com", "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com"}},
{Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor}, Regex: []string{"ec2-[-\\d]+\\.compute[-\\d]*\\.amazonaws\\.com", "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com"}},
},
},
}
@ -54,7 +54,7 @@ var (
Extensions: []string{"all"},
Operators: operators.Operators{
Extractors: []*extractors.Extractor{
{Type: extractors.TypeHolder{ExtractorType: extractors.RegexExtractor}, Regex: []string{"amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"}},
{Type: extractors.ExtractorTypeHolder{ExtractorType: extractors.RegexExtractor}, Regex: []string{"amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"}},
},
},
}

11
v2/pkg/templates/types/types.go
View File

@ -15,14 +15,23 @@ import (
type ProtocolType int
// Supported values for the ProtocolType
// name:ProtocolType
const (
// name:dns
DNSProtocol ProtocolType = iota + 1
// name:file
FileProtocol
// name:http
HTTPProtocol
// name:headless
HeadlessProtocol
// name:network
NetworkProtocol
// name:workflow
WorkflowProtocol
// name:ssl
SSLProtocol
// name:websocket
WebsocketProtocol
limit
InvalidProtocol
@ -69,7 +78,7 @@ func (t ProtocolType) String() string {
// TypeHolder is used to hold internal type of the protocol
type TypeHolder struct {
ProtocolType ProtocolType
ProtocolType ProtocolType `mapping:"true"`
}
func (holder TypeHolder) JSONSchemaType() *jsonschema.Type {